Benchmark tests measure a repeatable set of quantifiable results that serve as a point of reference against which products and services can be compared. Since 2018, Alexis Ducastel, a Kubernetes CKA/CKAD and the founder of InfraBuilder, has been running independent benchmark tests of Kubernetes network plugins (CNI) over a 10Gbit/s network.
The latest benchmark in this periodic series of tests was published in September, and was based on CNI versions that were up-to-date as of August 2020. Only CNIs that can be set up with a single yaml file were tested and compared, and included the following:
- Antrea v.0.9.1
- Calico v3.16
- Canal v3.16 (Flannel network + Calico Network Policies)
- Cilium 1.8.2
- Flannel 0.12.0
- Kube-router latest (2020–08–25)
- WeaveNet 2.7.0
We are thrilled to report that among all of the CNI’s tested, Calico was the clear winner, excelling in nearly every category and delivering superlative results which are summarized in the chart below. In fact, Calico is the CNI of choice in the primary use cases presented by the author in the report’s summary.
The exceptional performance of Calico encryption was described as having the “real wow effect” among all of the CNI comparisons. Strong network security should not come with a performance penalty. The benchmark test showed that Calico with encryption enabled is 6x faster than any other solution in the market!
Calico uses WireGuard, which runs as a module inside the Linux kernel and provides better performance and lower CPU utilization than IPsec and OpenVPN tunneling protocols. You can activate WireGuard encryption anytime after deploying Calico on your cluster, as well as disable it as needed, a feature described in the report as being “incredibly user-friendly”.
As the industry standard for Kubernetes networking and network security, Calico powers more than one million Kubernetes nodes each and every day. Calico is the only CNI with the ability to support three data planes from a single, unified control plane. Whether you choose eBPF, native Linux, or a Windows data plane, Calico delivers blazing fast performance and exceptional scalability, as the latest benchmark tests confirm.
At Tigera, we’ve always considered Calico to be the best-in-class CNI. But don’t take our word for it. Check out the complete results from the latest benchmark tests of Kubernetes CNIs. You can also run the benchmark on your own cluster with the release of the Kubernetes Network Benchmark Tool from InfraBuilder.
Free Online Training
Access Live and On-Demand Kubernetes Training
Calico Enterprise – Free Trial
Kubernetes Networking, Security and Observability in Hybrid and Multi-Clouds